cubicweb: comparison server/querier.py

equal deleted inserted replaced

-:e3994fcc21c3
+:1806148d6ce8
 from rql import RQLSyntaxError
 from rql.stmts import Union, Select
 from rql.nodes import (Relation, VariableRef, Constant, SubQuery, Function,
 Exists, Not)
-from cubicweb import Unauthorized, QueryError, UnknownEid, typed_eid
+from cubicweb import ValidationError, Unauthorized, QueryError, UnknownEid
-from cubicweb import server
+from cubicweb import server, typed_eid
 from cubicweb.rset import ResultSet
 from cubicweb.server.utils import cleanup_solutions
 from cubicweb.server.rqlannotation import SQLGenAnnotator, set_qdata
 from cubicweb.server.ssplanner import READ_ONLY_RTYPES, add_types_restriction, EditedEntity
 plan.cache_key = cachekey
 self._planner.build_plan(plan)
 # execute the plan
 try:
 results = plan.execute()
-except Unauthorized:
+except (Unauthorized, ValidationError):
-# XXX this could be done in security's after_add_relation hooks
+# getting an Unauthorized/ValidationError exception means the
-# since it's actually realy only needed there (other relations
+# transaction must been rollbacked
-# security is done *before* actual changes, and add/update entity
-# security is done after changes but in an operation, and exception
-# generated in operation's events properly generate a rollback on
-# the session). Even though, this is done here for a better
-# consistency: getting an Unauthorized exception means the
-# transaction has been rollbacked
 #
 # notes:
 # * we should not reset the pool here, since we don't want the
 #   session to loose its pool during processing
 # * don't rollback if we're in the commit process, will be handled

changeset 6366	1806148d6ce8
parent 6180	9d7acf23369d
parent 6361	843684a50e48
child 6401	d7f5d873e1b8